package net.pws.oos.security;

import java.util.Date;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import net.pws.common.util.StringUtils;
import net.pws.common.security.filter.AbstractAuthenticateFilter;
import net.pws.common.security.filter.LoginLogProvider;
import net.pws.common.security.spi.Principal;
import net.pws.oos.biz.model.OperateLog;
import net.pws.oos.biz.model.Phone;
import net.pws.oos.biz.model.User;
import net.pws.oos.biz.query.PhoneQuery;
import net.pws.oos.biz.service.PhoneService;
import net.pws.oos.biz.service.SystemManageService;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

public class CmsLoginLogProvider implements LoginLogProvider {

	private static final Log logger = LogFactory
			.getLog(CmsLoginLogProvider.class);

	private SystemManageService systemManageService;

	private PhoneService phoneService;

	private PhoneQuery phoneQuery;

	public SystemManageService getSystemManageService() {
		return systemManageService;
	}

	public void setSystemManageService(SystemManageService systemManageService) {
		this.systemManageService = systemManageService;
	}

	public PhoneService getPhoneService() {
		return phoneService;
	}

	public void setPhoneService(PhoneService phoneService) {
		this.phoneService = phoneService;
	}

	public PhoneQuery getPhoneQuery() {
		return phoneQuery;
	}

	public void setPhoneQuery(PhoneQuery phoneQuery) {
		this.phoneQuery = phoneQuery;
	}

	public void log(Principal principal, HttpServletRequest request,
			HttpServletResponse response) {
		try {
			saveLog(principal, request);

			// 保存手机信息
			String accessType = request.getHeader("Access-Type");
			if ("by-mobile".equals(accessType)) {
				savePhone(principal, request);
			}
		} catch (Exception e) {
			logger.error(e, e);
		}
	}

	private void saveLog(Principal principal, HttpServletRequest request) {
		if (principal == null || principal.hasPrivileged()) {
			return;
		}

		String uri = request.getRequestURI();
		if (StringUtils.isBlank(uri)) {
			return;
		}
		if (!AbstractAuthenticateFilter.BASIC_AUTH_FILTER_URL.equals(uri)) {
			return;
		}

		OperateLog log = new OperateLog();
		log.setUri(uri);
		log.setParameter(request.getQueryString());
		log.setType("login");
		log.setUser((User) principal.getDetail());
		log.setOperateDate(new Date());

		String client = request.getHeader("Access-Type");
		if (StringUtils.isBlank(client)) {
			client = "by-web";
		}
		log.setClient(client);

		String ip = request.getHeader("X-Real-IP");
		if (StringUtils.isBlank(ip)) {
			ip = request.getRemoteAddr();
		}
		log.setIp(ip);
		systemManageService.saveOperateLog(log);
	}

	private void savePhone(Principal principal, HttpServletRequest request) {
		if (principal == null) {
			return;
		}
		String userId = principal.getId();
		String mobile = request
				.getParameter(AbstractAuthenticateFilter.BASIC_AUTH_USERNAME_KEY);
		String imsi = request.getParameter("imsi");
		String imei = request.getParameter("imei");
		Phone phone = phoneQuery.get(userId, imei, imsi);
		if (phone != null) {
			return;
		}

		phone = new Phone();
		phone.setMobile(mobile);
		phone.setUserId(userId);
		phone.setImei(imei);
		phone.setImsi(imsi);
		phone.setLoginTime(new Date());
		phoneService.save(phone);
	}
}
